Privacy Advisor

Having trouble receiving the Privacy Advisor in your inbox? Click here for troubleshooting tips.

Global Privacy Dispatches

FRANCE—Expansion of CNIL Investigation Powers Confirmed
In the past few years, the French data protection authority (CNIL) has made itself known for its on-site investigation powers by coming unannounced to the premises of businesses to perform interviews and searches in order to assess compliance with the French Data Protection Act. Read More
FRANCE—The End of Aggressive Cold-Calling?
The new consumer act of March 17 is now in force. Among its key measures, it plans the creation of a centralized do-not call list. Read More
HUNGARY—Hungarian DPA Suggests Refinements in IT Policies
In a recent case, the Hungarian Authority for Data Protection and Freedom of Information (Nemzeti Adatvédelmi és Információszabadság Hatóság or NAIH) investigated a case where a company had to access its employee’s laptop for compliance reasons and imposed a fine of HUF 1,500,000 (approximately 5,000 euros) for unlawful data processing. Read More
UK—Marketing Companies Punished for Hiding Identity While Making Nuisance Calls
The Information Commissioner's Office (ICO) has ordered two telephone marketing companies to change their practices after more than 100 complaints were made to the ICO that the companies were making nuisance marketing calls. Read More
UK—British Pregnancy Advice Service Fined for Serious Data Breach
The British Pregnancy Advice Service (BPAS) has been fined 200,000 GBPs after a serious breach of the Data Protection Act (DPA) revealed thousands of people's personal details to a malicious hacker. Read More
UK—ICO Publishes Updated PIA Guidance
The UK Information Commissioner's Office has published its updated Privacy Impact Assessment (PIA) Code of Practice to help organisations comply with their data protection law obligations when they change the way that they use personal data. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions.

Read More
ITALY—Garante’s Provision on Mobile Payment Services
On December 12, 2013, the Italian Data Protection Authority (Garante) issued a draft general provision on the processing of personal data in the context of mobile remote payment services. This new provision sets the rules for the processing of information about users who purchase digital services and products and pay for them remotely via their phone bills. Read More
ITALY—Garante Addresses Medical Research, Welfare Positions Issues
The Garante, Italy’s Data Protection Authority (IDPA), has released three decisions related to research and a register of welfare positions. Read More
New IAPP Board Members (March 1, 2009)
Self-Encrypting Hard Drive Standards (March 1, 2009)
The nonprofit Trusted Computing Group has released three new encryption standards for vendors.
Privacy and electronic health records (March 1, 2009)
The lack of well-defined, across-the-board privacy requirements continues to slow the widespread adoption of electronic health records (EHRs). Federal and state agencies, healthcare providers, and private companies are subject to different privacy and security rules, and a lack of automated monitoring methods hampers their enforcement. Stephen Gantz, CIPP/G, presents the challenges, including those posed by the HITECH Act, and discusses how data-sharing agreements could help establish the mutual trust needed to enable widespread health information exchange.
Privacy in Print (March 1, 2009)
SWIFT receives clean bill of health (March 1, 2009)
The Belgian Privacy Commission’s decision on SWIFT’s disclosure of financial information to the US Department of the Treasury spotlights the challenges private organisations face with the conflicting legal demands of different jurisdictions. In this article, two Linklaters partners summarize the investigation and how the Belgian Privacy Commission concluded that SWIFT complies with all the provisions of Belgian data protection law.
Criminal trial against Google execs to resume (March 1, 2009)
The Italian criminal trial against four Google executives accused of defamation and privacy law violations has opened a dialogue about who is responsible for material posted to sites such as YouTube. The case stems from the 2006 posting of a video to Google Italia YouTube showing a boy with Down syndrome being bullied by peers. The outcome hinges on whether the court considers Google an Internet content provider or Internet service provider, which bear different responsibilities under Italian law.
Canadian Privacy Commissioner Releases Assessment Tool (March 1, 2009)
Ontario’s Information and Privacy Commissioner Ann Cavoukian has released an assessment tool for companies that share their online identity management systems.
Leibowitz to head FTC (March 1, 2009)
President Obama has nominated Democrat Jon Leibowitz as chairman of the Federal Trade Commission.
Bulgaria Fines CEZ (March 1, 2009)
Bulgaria’s Commission for Personal Data Protection (CPDP) has fined electricity distribution company CEZ for continued breaches of privacy protection regulations, reports the Sofia Echo.
10 Things the IRS wants you to know about identity theft (March 1, 2009)
10 Things the IRS wants you to know about identity theft
John Grace Dies at 82 (March 1, 2009)